DEPARTMENT OF SOFTWARE EGINEERING

BSSE PROGRAM
Computer Communication and Networks
FALL 2020
LAB ASSIGNMENT

Assignment # 4
Name: Hannan Tariq
Section: S
SAP ID: 70067010

Submitted to:
Mr. Junaid Akram

pg. 1
Question:
Write a detailed note on the following protocols:
1. TCP/IP (Transmission Control Protocol/ Internet Protocols)
Origins of TCP/IP
• Transmission Control Protocol/Internet Protocol (TCP/IP)
– Protocol suite whose invention and evolution resulted from a coordinated
effort by the United States Department of Defense (DOD)
• Advanced Research Projects Agency (ARPA)
– DOD branch responsible for creation and proliferation of the Internet and
TCP/IP protocol suite
– Advanced Research Projects Agency Network (ARPANET)
• Original name of the Internet
TCP/IP is the Internet Communication Protocol
• A communication protocol is a description of the rules computers must
follow to communicate with each other.
• The Internet communication protocol defines the rules for computer
communication over the Internet.
• TCP/IP defines how electronic devices (like computers) should be
connected to the Internet, and how data should be transmitted between them.
TCP/IP
• TCP/IP is TCP and IP working together.
• TCP takes care of the communication between your application software
(i.e. your browser) and your network software.
• IP takes care of the communication with other computers.
• TCP is responsible for breaking data down into IP packets before they are
sent, and for assembling the packets when they arrive.
• IP is responsible for sending the packets to the correct destination.
TCP uses
• Internet browsers and Internet servers use TCP/IP to connect to the Internet.

pg. 2
 • Your browser uses TCP/IP to access Internet servers, and servers use
TCP/IP to send HTML back to your browser.
• Your e-mail program uses TCP/IP to connect to the Internet for sending and
receiving e-mails.
• Your Internet address "222.48.162.2" is a part of the standard TCP/IP
protocol (and so is your domain name "www.myroomplace.com").
Overview of the TCP/IP Protocol Suite
• Four layers of the TCP/IP protocol suite :
- Application
- Transport
- Internetwork
- Network Interface
• Series of documents called Requests for Comments (RFCs) define,
describe, and standardize implementation and configuration of the TCP/IP
protocol suite
- The Internet Network Information Center (Inter NIC) is responsible
for maintaining these standards
• Protocols at the TCP/IP Application layer include:
- File Transfer Protocol (FTP)
- Trivial File Transfer Protocol (TFTP)
- Network File System (NFS)
- Simple Mail Transfer Protocol (SMTP)
- Terminal emulation protocol (telnet)
- Remote login application (rlogin)
- Simple Network Management Protocol (SNMP)
- Domain Name System (DNS)
- Hypertext Transfer Protocol (HTTP)

• Application Layer
• Protocols that exist at this layer include:
– File Transfer Protocol (FTP)
• Moves files between devices.
• Performs basic interactive file transfers between hosts.
– Trivial File Transfer Protocol (TFTP)

pg. 3
 • File transfer utility used on the Internet. TFTP uses UDP (User
Datagram Protocol*2) to transfer files and is therefore less reliable than
FTP which uses TCP in transferring files.
• User Datagram Protocol that operates at the Transport layer and
transports data unreliably over IP. Sometimes known as connectionless
communication as the messages are sent without expectation of
acknowledgment. – No connection negotiation process – Faster than
TCP
• Transport Layer
• Two protocols reside at this layer:
– TCP
– User Datagram Protocol (UDP)
• Ports • connection point, usually for network cable, on a device e.g. hub,
router, bridge and switch – Both TCP and UDP use port numbers for
communication between hosts – Well Known Port Numbers • TCP and UDP
ports from 0 through 1023 on which client applications expect to find common
Internet services
• Internetwork Layer
• Four main protocols function at this layer:
– Internet Protocol (IP)
– Internet Control Message Protocol (ICMP)
• Uses eight different message types to manage 11 different aspects of IP
communications – Address Resolution Protocol (ARP) • * Protocol that works
at the Internetwork layer of the TCP/IP networking model • Resolves a known
IP address to an unknown MAC address • A routed protocol • Maps IP
addresses to Mac address • ARP tables contains the MAC and IP addresses of
other devices on the network – Reverse Address Resolution Protocol (RARP)
• Protocol used to resolve the clients’ unknown IP address to the clients MAC
address. • In the case of a diskless workstation, a source host will know its
MAC address but not its IP address

2. ICMP (Internet Control Message Protocol)

ICMP:
ICMP (Internet Control Message Protocol) is a transport level protocol.
Simply put, it is a supporting layer protocol in the Internet protocol suite. The
very first definition of the ICMP was penned by Jon Postel who is considered

pg. 4
 as one of the founding fathers of the Internet. The original definition of the
ICMP has been altered several times and the latest description of ICMP is
specified in RFC 792 in detail. This latest description was published in
September 1981.
ICMP is stacked on the Internet Layer and supports the core Internet protocol.
It is considered as one of the most essential systems that allow the internet to
work flawlessly.
Purpose of ICMP:
IP does not have a built-in mechanism that sends control messages and
error messages. That is why a protocol like ICMP is needed. Practically,
ICMP offers error control and often it is employed to report errors, send
management queries and operations information.
Network devices like routers need to use the ICMP in order to send the error
messages. That is why ICMP is considered as a supporting protocol.
It is a known fact that the lower Internet Layer does not need to be concerned
with assuring the connection, yet ICMP is very much needed for important
feedback when things go out of order.
ICMP message codes:
ICMP offers feedback and information regarding errors, control
messages and management queries. The first code field in the ICMP block
singlehandedly manages to convey a great deal of information. Below you can
find some of the most relevant values the first code field can have and their
meaning:
0: Echo Reply. It is used for ping.
3: Destination is unreachable.
4: Source quench. It means that the router is overloaded.
5: Redirect. It denotes the use of another router.
8: Echo Request. Similar to 0, it is used for ping.
9: Router advertisement reply.
10: Router solicitation.

pg. 5
 11: Time Exceeded. It is used for traceroute.

Smurf attacks and ICMP

Sometimes, equipment owners might prefer turning the ICMP features
off. It might sound odd at first since ICMP capabilities provide an important
service for the router yet there is a reason behind why people shut ICMP off:
Smurf attacks!
Hackers can use ICMP properties in order to conduct a smurf attack. Since
smurf attacks employ a reflector strategy, the echo request of the ICMP can
be exploited for hacking purposes. The hacker finds their way into the
broadcast address on the network and manipulates the system to send out echo
requests. As a result, devices on the network replies the host router of that
broadcast IP address with an echo.
3. SMTP (Simple Mail Transfer Protocol)
Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol (SMTP) is the standard protocol
for email services on a TCP/IP network. SMTP provides the ability to send
and receive email messages.
SMTP is an application-layer protocol that enables the transmission and
delivery of email over the Internet. SMTP is created and maintained by the
Internet Engineering Task Force (IETF).
Simple Mail Transfer Protocol is also known as RFC 821 and RFC 2821
SMTP is one of the most common and popular protocols for email
communication over the Internet and it provides intermediary network
services between the remote email provider or organizational email server and
the local user accessing it.
SMTP is generally integrated within an email client application and is
composed of four key components:
Local user or client-end utility known as the mail user agent (MUA)
Server known as mail submission agent (MSA)

pg. 6
 Mail transfer agent (MTA)
Mail delivery agent (MDA)
SMTP works by initiating a session between the user and server, whereas
MTA and MDA provide domain searching and local delivery services.
4. DNS (Domain Name System)
Domain Name System
DNS, or the Domain Name System, translates human readable domain names
(for example, www.amazon.com) to machine readable IP addresses (for
example, 192.0.2.44).
DNS Basics
All computers on the Internet, from your smart phone or laptop to the
servers that serve content for massive retail websites, find and communicate
with one another by using numbers. These numbers are known as IP addresses.
When you open a web browser and go to a website, you don't have to remember
and enter a long number. Instead, you can enter a domain name like
example.com and still end up in the right place.
A DNS service such as Amazon Route 53 is a globally distributed service that
translates human readable names like www.example.com into the numeric IP
addresses like 192.0.2.1 that computers use to connect to each other. The
Internet’s DNS system works much like a phone book by managing the
mapping between names and numbers. DNS servers translate requests for
names into IP addresses, controlling which server an end user will reach when
they type a domain name into their web browser. These requests are called
queries.
Types of DNS Service
Authoritative DNS:
An authoritative DNS service provides an update mechanism that
developers use to manage their public DNS names. It then answers DNS
queries, translating domain names into IP address so computers can
communicate with each other. Authoritative DNS has the final authority over
a domain and is responsible for providing answers to recursive DNS servers

pg. 7
 with the IP address information. Amazon Route 53 is an authoritative DNS
system.
Recursive DNS:
Clients typically do not make queries directly to authoritative DNS
services. Instead, they generally connect to another type of DNS service known
a resolver, or a recursive DNS service. A recursive DNS service acts like a
hotel concierge: while it doesn't own any DNS records, it acts as an
intermediary who can get the DNS information on your behalf. If a recursive
DNS has the DNS reference cached, or stored for a period of time, then it
answers the DNS query by providing the source or IP information. If not, it
passes the query to one or more authoritative DNS servers to find the
information.
5. FTP (File Transfer Protocol)
FTP (File Transfer Protocol)
FTP (File Transfer Protocol) is used to communicate and transfer files
between computers on a TCP/IP (Transmission Control Protocol/Internet
Protocol) network, aka the internet. Users, who have been granted access, can
receive and transfer files in the File Transfer Protocol server (also known as
FTP host/site).
As a website developer, FTP is used to make changes to a website. Given the
large number of files that need to be handled, it is more comfortable and secure
to manage them using FTP.
FTP Work
FTP connection needs two parties to establish and communicate on the
network. To do that, users need to have permission by providing credentials to
the FTP server. Some public FTP servers may not require credentials to access
their files. The practice is common in a so-called anonymous FTP.
There are two distinct communication channels while establishing an FTP
connection. The first one is called the command channel where it initiates the
instruction and response. The other one is called a data channel, where the
distribution of data happens.

pg. 8
 To get or transfer a file, an authorized user will use the protocol to request on
creating changes in the server. In return, the server will grant that access. This
session is known as the active connection mode.
The distribution in active mode might face a problem if a firewall is protecting
the user’s machine. The firewall usually does not allow any unauthorized
sessions from an external party.
The passive mode is used if that issue occurs. In this mode, the user establishes
both command and the data channel. This mode then asks the server to listen
rather than to attempt to create a connection back to the user.
FTP Uses
There are three approaches on how to establish an FTP connection. A
very simple method is using a command-line FTP, such as using Command
prompt for Windows or Terminal in Mac/Linux. Developers still use it today
for transferring files using FTP.

A user also can use a web browser to communicate with the FTP server. A web
browser is more convenient when users want to access large directories in the
server. Yet, it’s often less reliable and slower than using a dedicated FTP
program.
Today, the most common practice to use FTP, especially for a web developer,
is by using an FTP client.
An FTP client provides more freedom compared to the command line and web
browser. It is also easier to manage and more powerful compared to the other
methods.
There are also more features available whilst using such a client. For example,
it allows users to transfer a large file and use the synchronizing utility.
6. Hypertext Transfer Protocol (HTTP and HTTPS)
Hypertext Transfer Protocol
The Hypertext Transfer Protocol is an application protocol for
distributed, collaborative, hypermedia information systems that allows users
to communicate data on the World Wide Web.

pg. 9
 Purpose of HTTP
HTTP was invented alongside HTML to create the first interactive,
text-based web browser: the original World Wide Web. Today, the protocol
remains one of the primary means of using the Internet.
HTTP work
As a request-response protocol, HTTP gives users a way to interact with
web resources such as HTML files by transmitting hypertext messages between
clients and servers. HTTP clients generally use Transmission Control Protocol
(TCP) connections to communicate with servers.
HTTP utilizes specific request methods in order to perform various tasks. All
HTTP servers use the GET and HEAD methods, but not all support the rest of
these request methods:
GET requests a specific resource in its entirety
HEAD requests a specific resource without the body content
POST adds content, messages, or data to a new page under an existing web
resource
PUT directly modifies an existing web resource or creates a new URI if need
be
DELETE gets rid of a specified resource
TRACE shows users any changes or additions made to a web resource
OPTIONS shows users which HTTP methods are available for a specific URL
CONNECT converts the request connection to a transparent TCP/IP tunnel
PATCH partially modifies a web resource
HTTP can be leveraged by cyber attackers using techniques like HTTP
smuggling.

pg. 10